Compliance Regulations available in 9.5.2 - Updated March 23, 2016

The following is a list of the supported compliance regulations available within McAfee SIEM as of 9.5.2. They can be accessed from the filter called "Compliance ID" on the right side of the ESM and applied to any view. Additionally, they can be accessed in the query wizard for a view component or a report component so that view or report will only include events that meet the compliance regulation.

Compliance Regulations Supported in ESM 9.5.0+

10 CFR Part 73.54

12 CFR Part 748

16 CFR Part 312

16 CFR Part 314

18 UCS – 2710

18-UCS – 2721

21 CFR Part 11

21 CFR Part 820

32 CFR 149

34 CFR Part 99

42 CFR Part 3 Patient Safety and Quality Improvements

42 CFE Parts 412 413 422 et al.

45 CFR Part 164

49 CFR Part 1542

5 USC - 552a

6 CFR Part 27

A 123 Implementation Guide

ACH Operating Rules OCC Bulletin 2004 58

ACSI 33

AICPA Identity Theft Prevention Program

AICAP Privacy

AICPA Suitable Trust

AICPA Trust Services

APRA PPG 234

AR 380 19

ASIS POA Manual

ARMA Information Governance Assessment Audit Questions

ARMA Information Governance Assessment Controls

Act on the Protection of Personal Data 67-98

Alaska Personal Information Protection Act Chapter 48

Amex DSS

Annex 11 Guide to Good Manufacturing Practice for Medicinal Products

Anti-Counterfeiting Trade Agreement

Appendix of 12 CFR Part 30

Apple OS X Security Config

Argentina Personal Data Protection Act

Australia Privacy Amendment Act

Australia Spam Act of 2003

Australia Spam Business Practical Guide

Australia Telecommunications Act

Australia Business Continuity Management Guide

Australian Government Information Security Manual Controls

Australian Privacy Act 1988

Austria Data Protection Law

Austria Telecommunications Act 2003

Authentication in an Internet Banking Environment

Aviation Transportation Security Act

BS 25999-1 Guide to Business Continuity Management

BS25999-2 Business continuity management specification

BS ISO IEC 20000 2 2005

BSI-Standard 100-2

Bank Secrecy Act

Basel II

Belgian Law of 8 December 1992 on the protection of privacy in relation to the processing of personal data

Bosnia Law on Protection of Personal Data 2001

C TPAT Best Practices

C TPAT Importers Guide

CA SB 1386

CAN SPAM Act of 2003

CCE v5 - AIX 5.3

CCE v5 - HP-UX 11.23

CCE v5 - Red Hat Enterprise Linux 4

CCE v5 - Red Hat Enterprise Linux 5

CCE v5 - Sun Solaris 10

CCE v5 - Sun Solaris 8

CCE v5 - Sun Solaris 9

CCE v5 - Windows 2000

CCE v5 - Windows 7

CCE v5 - Windows Server 2003

CCE v5 - Windows Server 2008

CCE v5 - Windows Vista

CCE v5 - Windows XP

CERT OCTAVE - S

CI Security AIX

CIS CentOS 6 Level 2

CI Security Free BSD

CI Security HP UX

CI Security Novell OES NetWare

CI Security Red Hat Enterprise Linux 1

CI Security Red Hat Enterprise Linux 1 05

CI Security Slackware Linux

CI Security Solaris 10

CI Security Solaris 9

CI Security SuSE Linux Enterprise Server

CI Security Ubuntu 12.04 LTS Level 2

CI Security Windows 2000

CI Security Windows 2000 Server

CI Security Windows 2000 Server Level 2 Benchmark

CI Security Windows 2K Pro

CI Security Windows NT

CI Security Windows XP

CIS RHEL 6 Level 2

CIS WIRELSS NETWORKING BENCHMARK

CIS Wireless Security Cisco Addendum

CIS Wireless Security Linksys Addendum

CIS-Windows7-Enterprise-Desktop

CIS-Windows7-Enterprise-Laptop

CIS-Windows7-SSLF-Desktop

CIS-Windows7-SSLF-Laptop

CISWIG 1

CISWIG 2

CMA Code of Ethics Standards

CMS Business Partners Systems Security Manual

CMS Core Security Requirements CSR

CMS System Security Plan Procedure

COSO ERM

CSIS 20 Critical Security Controls

Cable Communications Privacy Act

California Civil Code 17851-1785.6

California Civil Code 1789.91

California Civil Code 1798.25-1798.29 Accounting of Disclosures

California OPP Notification of Security Breach

Canada Personal Information Protection Electronic Documents Act

Canada Privacy Policy Principles

Childrens Online Privacy Protection Act

China Personal Data Ordinance of Hong Kong 2

Clinger Cohen Act

Cloud Security Alliance CCM

Cloud Security Alliance CCM v1.1

Cloud Security Alliance CCM v1.2

Cloud Security Alliance CCM v1.3

CobiT

Colima Personal Data Protection Law

Computer Security Incident Handling

Criminal Justice Information Services Security Policy

Cross Border Privacy Assessment

Czech Republic Data Protection Act

DIBA Info Assurance Standard

DIRKS

DISA Access Control STIG

DISA Apriva Sensa e mail Version 5 Release 2.2

DISA BLACKBERRY CHECKLIST 1.2 Version 5 Release 2.4

DISA Motorola Wireless e mail Version 5 Release 2.3

DISA Multi-Function Device and Printer Checklist

DISA Secure Remote Computing STIG v1 r2

DISA Unisys STIG V7R2

DISA Unix STIG V5R1

DISA WIRELESS SECURITY CHECKLIST

DISA Windows Mobile Messaging STIG Version 5 Release 2.4

DISA Windows Server 2003 Security Checklist

DISA Windows VISTA Security Checklist

DISA Windows XP Security Checklist

DOD 5015 2

DOT Physical Security Checklist

DoD 5220 22 NISPOM

DoD Instruction 5240.5

DoD Instruction 8500.2 DIACAP

EC ECNS DPP Regulations 2003

EU Data Protection Directive 95 46 EC

EU Directive on privacy and electronic communications

EU Safe Harbor US European

Equal Credit Opportunity Act

EudraLex Rules Governing Medicinal Products in the European Union Annex

As a follow-up to the above, I thought it might be helpful to provide an example of using the compliance filters within the SIEM. The example below is for views but can also be applied in reports. In the below screenshot, we are looking at the normalized dashboard. After scrolling down to compliance within the filters, you need to select the filter icon within compliance, then select PCI DSS 2.0 > 10.2.2, which looks for "All actions taken by any individual with root or administrative privileges".

Once the compliance regulation is selected, you need to click "OK" and then the refresh icon at the top of the filter view. This will update the view to include only the events that were initiated by administrators for the time period specified for the view. The results are below:

The advantage of using the compliance filters is that they can be used against any default views or custom views. Below is the default Event Summary view that has the same PCI DSS 2.0 10.2.2 filter applied to it.

Did you happen to see the example above (just below the list of compliance regulations)? It demonstrates that you can access the compliances from the compliance filter and apply it to any view or report template within the SIEM. You can also create custom views or reports if the default ones are not showing you all of the fields/values you need.